From b4ff87b80b9156f6faf52f141f45573086a0eba3 Mon Sep 17 00:00:00 2001 From: xucun Date: Wed, 11 Jun 2025 19:27:40 +0800 Subject: [PATCH] =?UTF-8?q?:pencil:=20=E6=A0=BC=E5=BC=8F=E5=8C=96=E4=BB=A3?= =?UTF-8?q?=E7=A0=81=EF=BC=8C=E4=BF=AE=E6=94=B9=E6=96=87=E6=A1=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docs/changelog.md | 10 ++++++++++ docs/quick_start.md | 7 +++++++ .../payment/wechat/InMemoryWechatTenantService.java | 13 +++++++------ .../felord/payment/wechat/WechatPayProperties.java | 6 ++++-- .../felord/payment/wechat/v3/SignatureProvider.java | 4 ++-- 5 files changed, 30 insertions(+), 10 deletions(-) diff --git a/docs/changelog.md b/docs/changelog.md index 5d27d83..34ba68d 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -1,3 +1,13 @@ +## 1.0.20.RELEASE +### 微信支付 + +- enhance: 增加了通过微信公钥对微信支付相关接口的响应内容或微信回调通知的参数进行验签的支持。 + - 微信配置项增加了:``` wechat-pay-public-key-id: 微信支付公钥的ID、 wechat-pay-public-key-path:微信支付公钥的路径、wechat-pay-public-key-absolute-path: 微信支付公钥的绝对路径、 switch-verify-sign-method: 是否启用从平台证书切换到微信支公钥``` + - `wechat-pay-public-key-id ` 与`wechat-pay-public-key-path或wechat-pay-public-key-absolute-path`同时正确配置,才会启用微信支付公钥验签,否则默认使用平台证书进行验签。 + - 如果需要[从平台证书切换成微信支付公钥](https://pay.weixin.qq.com/doc/v3/merchant/4012154180#5.-%E6%B2%A1%E6%9C%89%E4%BD%BF%E7%94%A8%E5%BE%AE%E4%BF%A1%E6%94%AF%E4%BB%98SDK%E7%9A%84%E5%95%86%E6%88%B7%E5%A6%82%E4%BD%95%E5%B0%86%E5%B9%B3%E5%8F%B0%E8%AF%81%E4%B9%A6%E5%88%87%E6%8D%A2%E6%88%90%E5%BE%AE%E4%BF%A1%E6%94%AF%E4%BB%98%E5%85%AC%E9%92%A5),请启用`switch-verify-sign-method`参数 +- enhance: 增加了微信支付V3版本的付款码支付``codePay``与撤销API``reverse``(仅支持普通商户模式,服务商模式暂不支持) +- factor: 升级了spring-boot-parent版本从 2.7.7 到2.7.18 +- factor: 升级了Alipay SDK版本从4.31.7.ALL到4.40.251.ALL ## 1.0.18.RELEASE ### 微信支付 diff --git a/docs/quick_start.md b/docs/quick_start.md index 768dff4..292cf51 100644 --- a/docs/quick_start.md +++ b/docs/quick_start.md @@ -86,6 +86,13 @@ wechat: mch-id: 1603337223 domain: https://felord.cn/miniapp cert-path: miniapp/apiclient_cert.p12 + #微信公钥ID + wechat-pay-public-key-id: PUB_KEY_ID_0116278111111115222222501 + #微信公钥 + wechat-pay-public-key-path: pub_key.pem + wechat-pay-public-key-absolute-path: D:\\felord\\wechat\\cert\\pub_key.pem + #是否启用从平台证书切换成微信支付公钥 不填默认为false + switch-verify-sign-method: true ``` > ❗注意:在一套系统中需要开发者保证`tentanID`唯一。 diff --git a/payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/InMemoryWechatTenantService.java b/payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/InMemoryWechatTenantService.java index b8e1c1c..8ff21f1 100644 --- a/payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/InMemoryWechatTenantService.java +++ b/payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/InMemoryWechatTenantService.java @@ -80,14 +80,17 @@ public class InMemoryWechatTenantService implements WechatTenantService { } private WeChatPublicKeyInfo initWeChatPublicKeyInfo(WechatMetaBean meta) { - boolean enablePublicKey=StringUtils.hasLength(meta.getV3().getWeChatPayPublicKeyId()) && StringUtils.hasLength(meta.getV3().getWeChatPayPublicKeyPath()); + boolean enablePublicKey=StringUtils.hasLength(meta.getV3().getWechatPayPublicKeyId()) && + (StringUtils.hasLength(meta.getV3().getWechatPayPublicKeyPath())||StringUtils.hasLength(meta.getV3().getWechatPayPublicKeyAbsolutePath())); if (!enablePublicKey) { return null; } try { - String certPath=meta.getV3().getWeChatPayPublicKeyPath(); + String certPath=meta.getV3().getWechatPayPublicKeyPath(); + String certAbsolutePath = meta.getV3().getWechatPayPublicKeyAbsolutePath(); Resource resource = - resourceLoader.getResource(certPath == null ? "classpath:wechat/pub_key.pem" : + StringUtils.hasLength(certAbsolutePath) ? new FileSystemResource(certAbsolutePath) : + resourceLoader.getResource(!StringUtils.hasLength(certPath) ? "classpath:wechat/pub_key.pem" : certPath.startsWith(ResourceUtils.CLASSPATH_URL_PREFIX) ? certPath : ResourceUtils.CLASSPATH_URL_PREFIX + certPath); PemReader pemReader = new PemReader(new InputStreamReader(resource.getInputStream())); PemObject pemObject = pemReader.readPemObject(); @@ -95,10 +98,8 @@ public class InMemoryWechatTenantService implements WechatTenantService { KeyFactory keyFactory = KeyFactory.getInstance("RSA"); RSAPublicKey publicKey = (RSAPublicKey) keyFactory.generatePublic(keySpec); // 生成公钥 - WeChatPublicKeyInfo keyInfo = new WeChatPublicKeyInfo(publicKey, meta.getV3().getWeChatPayPublicKeyId(), meta.getTenantId()); - return keyInfo; + return new WeChatPublicKeyInfo(publicKey, meta.getV3().getWechatPayPublicKeyId(), meta.getTenantId()); }catch (Exception e){ - e.printStackTrace(); throw new PayException("An error occurred while generating the public key,Please check the format and content of the configured public key"); } } diff --git a/payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/WechatPayProperties.java b/payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/WechatPayProperties.java index 2d60692..18b353f 100644 --- a/payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/WechatPayProperties.java +++ b/payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/WechatPayProperties.java @@ -80,14 +80,16 @@ public class WechatPayProperties { /** * wechat pay public key id */ - private String weChatPayPublicKeyId; + private String wechatPayPublicKeyId; /** * see * * wechat pay public key */ - private String weChatPayPublicKeyPath; + private String wechatPayPublicKeyPath; + + private String wechatPayPublicKeyAbsolutePath; /** * diff --git a/payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/v3/SignatureProvider.java b/payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/v3/SignatureProvider.java index 98c3058..3b8a2c5 100644 --- a/payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/v3/SignatureProvider.java +++ b/payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/v3/SignatureProvider.java @@ -448,7 +448,7 @@ public class SignatureProvider { public boolean isSwitchVerifySignMethod(String tenantId) { - String publicKeyId=wechatMetaContainer.getWechatMeta(tenantId).getV3().getWeChatPayPublicKeyId(); + String publicKeyId=wechatMetaContainer.getWechatMeta(tenantId).getV3().getWechatPayPublicKeyId(); Boolean switchVerifySignMethod = wechatMetaContainer.getWechatMeta(tenantId).getV3().getSwitchVerifySignMethod(); @@ -456,6 +456,6 @@ public class SignatureProvider { } public String getWechatPublicKeyId(String tenantId) { - return wechatMetaContainer.getWechatMeta(tenantId).getV3().getWeChatPayPublicKeyId(); + return wechatMetaContainer.getWechatMeta(tenantId).getV3().getWechatPayPublicKeyId(); } }